update:(20240603) v1.1.7 去掉无用得es,以及用最新编译器1.12.3编译

build-releases-win-upx.bat

@@ -2,4 +2,4 @@ SET CGO_ENABLED=1
 SET GOOS=windows
 SET GOARCH=amd64
 SET GIN_MODE=release
-go build -ldflags="-X SamWaf/global.GWAF_RELEASE=true -X SamWaf/global.GWAF_RELEASE_VERSION_NAME=20240506 -X SamWaf/global.GWAF_RELEASE_VERSION=v1.1.6 -s -w" -o %cd%/release/SamWaf64.exe main.go && %cd%/upx/win64/upx -9  %cd%/release/SamWaf64.exe
+go build -ldflags="-X SamWaf/global.GWAF_RELEASE=true -X SamWaf/global.GWAF_RELEASE_VERSION_NAME=20240603 -X SamWaf/global.GWAF_RELEASE_VERSION=v1.1.7 -s -w" -o %cd%/release/SamWaf64.exe main.go && %cd%/upx/win64/upx -9  %cd%/release/SamWaf64.exe

build_docker_release_linux.bat

@@ -1 +1 @@
-docker run --rm -v "$PWD":/media/sf_SamWaf -w /media/sf_SamWaf -e CGO_ENABLED=1 -e GOPROXY=https://goproxy.cn,direct golang:1.19 go build -v -ldflags="-X SamWaf/global.GWAF_RELEASE=true -X SamWaf/global.GWAF_RELEASE_VERSION_NAME=20240506 -X SamWaf/global.GWAF_RELEASE_VERSION=v1.1.6 -s -w -extldflags "-static"" -o /media/sf_SamWaf/release/SamWafLinux64 main.go  && upx -9 /media/sf_SamWaf/release/SamWafLinux64
+docker run --rm -v "$PWD":/media/sf_SamWaf -w /media/sf_SamWaf -e CGO_ENABLED=1 -e GOPROXY=https://goproxy.cn,direct golang:1.22.3 go build -v -ldflags="-X SamWaf/global.GWAF_RELEASE=true -X SamWaf/global.GWAF_RELEASE_VERSION_NAME=20240603 -X SamWaf/global.GWAF_RELEASE_VERSION=v1.1.7 -s -w -extldflags "-static"" -o /media/sf_SamWaf/release/SamWafLinux64 main.go  && upx -9 /media/sf_SamWaf/release/SamWafLinux64

go.mod

@@ -8,7 +8,6 @@ require (
 	github.com/denisbrodbeck/machineid v1.0.1
 	github.com/dsnet/compress v0.0.1
 	github.com/edwingeng/deque v1.0.3
-	github.com/elastic/go-elasticsearch/v7 v7.17.1
 	github.com/elazarl/go-bindata-assetfs v1.0.1
 	github.com/gin-gonic/gin v1.8.1
 	github.com/go-co-op/gocron v1.17.1

main.go

@@ -172,7 +172,6 @@ func (m *wafSystenService) run() {
 		ServerOnline: map[int]innerbean.ServerRunTime{},
 		//所有证书情况 对应端口 可能多个端口都是https 443，或者其他非标准端口也要实现https证书
 		AllCertificate: map[int]map[string]*tls.Certificate{},
-		EsHelper:       utils.EsHelper{},
 
 		EngineCurrentStatus: 0, // 当前waf引擎状态
 	}
@@ -442,6 +441,9 @@ func (m *wafSystenService) Graceful() {
 }
 
 func main() {
+	if v := recover(); v != nil { // 侦测到一个恐慌
+		zlog.Info("主流程上被异常了")
+	}
 	pid := os.Getpid()
 	zlog.Debug("SamWaf Current PID:" + strconv.Itoa(pid))
 	//获取外网IP

middleware/gin_global_exception_middleware.go

@@ -0,0 +1,34 @@
+package middleware
+
+import (
+	"github.com/gin-gonic/gin"
+	"net/http"
+)
+
+/*
+*
+全局异常插件
+*/
+func GinGlobalExceptionMiddleWare() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		defer func() {
+			if r := recover(); r != nil {
+				//如果后续没动作，c.AbortWithStatusJSON其实也可以，省去了return。
+				c.JSON(http.StatusInternalServerError, gin.H{
+					"code": "500",
+					"msg":  errorToString(r),
+					"data": nil,
+				})
+				return
+			}
+		}()
+	}
+}
+func errorToString(r interface{}) string {
+	switch v := r.(type) {
+	case error:
+		return v.Error()
+	default:
+		return r.(string)
+	}
+}

release_pub.bat

@@ -1,7 +1,7 @@
 @echo on
 chcp 65001
 set currentpath=%cd%
-set currentversion=v1.1.6
-set currentdescription=信息脱敏处理，建议升级
+set currentversion=v1.1.7
+set currentdescription=新版linux兼容问题，建议升级
 %currentpath%\setup\go_gen_updatefile\go_gen_updatefile.exe -desc %currentdescription% -o %currentpath%\release\web\samwaf_update -platform windows-amd64 %currentpath%\release\SamWaf64.exe %currentversion% 
 %currentpath%\setup\go_gen_updatefile\go_gen_updatefile.exe -desc %currentdescription% -o %currentpath%\release\web\samwaf_update -platform linux-amd64 %currentpath%\release\SamWafLinux64 %currentversion%

utils/eshelper.go

@@ -1,75 +0,0 @@
-package utils
-
-import (
-	"SamWaf/innerbean"
-	"bytes"
-	"context"
-	"encoding/json"
-	"github.com/elastic/go-elasticsearch/v7"
-	"github.com/elastic/go-elasticsearch/v7/esapi"
-	"log"
-)
-
-// es帮助类
-type EsHelper struct {
-	es *elasticsearch.Client
-}
-
-func (eshelper *EsHelper) Init(url string) {
-	cfg := elasticsearch.Config{
-		Addresses: []string{
-			url,
-		},
-		// ...
-	}
-	es, err := elasticsearch.NewClient(cfg)
-	if err != nil {
-		log.Fatal(err)
-	}
-	eshelper.es = es
-	log.Println(elasticsearch.Version)
-	log.Println(es.Info())
-}
-func (eshelper *EsHelper) BatchInsert(index string, weblogs innerbean.WebLog) {
-
-	// Build the request body.
-	data, err := json.Marshal(weblogs)
-	if err != nil {
-		log.Fatalf("Error marshaling document: %s", err)
-	}
-	req := esapi.IndexRequest{
-		Index: index,
-		//DocumentID: strconv.Itoa(1 + 1),
-		Body: bytes.NewReader(data),
-		//Refresh:    "true",
-	}
-
-	// Perform the request with the client.
-	res, err := req.Do(context.Background(), eshelper.es)
-	if err != nil {
-		log.Fatalf("Error getting response: %s", err)
-	}
-	log.Print(res)
-}
-
-func (eshelper *EsHelper) BatchInsertWAF(index string, weblogs innerbean.WAFLog) {
-
-	// Build the request body.
-	data, err := json.Marshal(weblogs)
-	if err != nil {
-		log.Fatalf("Error marshaling document: %s", err)
-	}
-	req := esapi.IndexRequest{
-		Index: index,
-		//DocumentID: strconv.Itoa(1 + 1),
-		Body: bytes.NewReader(data),
-		//Refresh:    "true",
-	}
-
-	// Perform the request with the client.
-	res, err := req.Do(context.Background(), eshelper.es)
-	if err != nil {
-		log.Fatalf("Error getting response: %s", err)
-	}
-	log.Print(res)
-}

wafenginecore/wafengine.go

@@ -54,7 +54,6 @@ type WafEngine struct {
 	//所有证书情况 对应端口 可能多个端口都是https 443，或者其他非标准端口也要实现https证书
 	//嵌套结构 (key：端口 ，再往下是 下面的主机名，value 证书)
 	AllCertificate map[int]map[string]*tls.Certificate
-	EsHelper       utils.EsHelper
 
 	EngineCurrentStatus int // 当前waf引擎状态
 }

wafmangeweb/localserver.go

@@ -21,6 +21,7 @@ type WafWebManager struct {
 }
 
 func (web *WafWebManager) initRouter(r *gin.Engine) {
+
 	PublicRouterGroup := r.Group("")
 	PublicRouterGroup.Use(middleware.SecApi())
 	router.PublicApiGroupApp.InitLoginRouter(PublicRouterGroup)
@@ -49,6 +50,7 @@ func (web *WafWebManager) initRouter(r *gin.Engine) {
 		router.ApiGroupApp.InitWafCommonRouter(RouterGroup)
 
 	}
+	r.Use(middleware.GinGlobalExceptionMiddleWare())
 
 }
 func (web *WafWebManager) cors() gin.HandlerFunc {

编译说明.md

@@ -13,10 +13,8 @@ docker run --rm -v "$PWD":/media/sf_SamWaf -w /media/sf_SamWaf -e CGO_ENABLED=1
 
 
 //可调试的centos
-docker run --rm -v "$PWD":/media/sf_SamWaf -w /media/sf_SamWaf -e CGO_ENABLED=1 -e GOPROXY=https://goproxy.cn,direct golang:1.19 go build -v -ldflags="-X SamWaf/global.GWAF_RELEASE=true -X SamWaf/global.GWAF_RELEASE_VERSION_NAME=20230619 -X SamWaf/global.GWAF_RELEASE_VERSION=101 -s -w -extldflags "-static"" -o /media/sf_SamWaf/release/SamWafLinux64 main.go
+docker run --rm -v "$PWD":/media/sf_SamWaf -w /media/sf_SamWaf -e CGO_ENABLED=1 -e GOPROXY=https://goproxy.cn,direct golang:1.19 go build -v -ldflags="-X SamWaf/global.GWAF_RELEASE=true -X SamWaf/global.GWAF_RELEASE_VERSION_NAME=20240531 -X SamWaf/global.GWAF_RELEASE_VERSION=v1.1.6 -s -w -extldflags "-static"" -o /media/sf_SamWaf/release/SamWafLinux64 main.go 
 
-//可调试的local ubuntu
-docker run --rm -v "$PWD":/home/ubuntu/samwaf -w /home/ubuntu/samwaf -e CGO_ENABLED=1 -e GOPROXY=https://goproxy.cn,direct golang:1.19 go build -v -ldflags="-extldflags "-static"" -o /home/ubuntu/samwaf/release/SamWafLinux64.exe main.go
 
 //docker 单元测试
 docker run --rm -v "$PWD":/media/sf_SamWaf -w /media/sf_SamWaf -e CGO_ENABLED=1 -e GOPROXY=https://goproxy.cn,direct golang:1.19 go test -v ./firewall -test.run TestFireWallEngine_IsFirewallEnabled
@@ -52,8 +50,8 @@ $ multipass umount primary
 2.远程linux调试
 ```
 # 远程linux调试
-go env -w GOPROXY=goproxy.cn,direct
-go install github.com/go-delve/delve/cmd/dlv@latest
+/cphome/go/go/bin/go env -w GOPROXY=goproxy.cn,direct
+/cphome/go/go/bin/go install github.com/go-delve/delve/cmd/dlv@latest
 
 emu:
 /root/go/bin/dlv --listen=:26667 --headless=true --api-version=2 --accept-multiclient exec ./SamWafLinux64
@@ -122,9 +120,8 @@ docker-compose version
 5. 安装go
 ```
 1.下载：https://golang.google.cn/dl/
-2. 解压 tar -C -xzf go1.19.linux-amd64.tar.gz
-3.。/go 执行命令
-4./home/ubuntu/go/go/bin/go
+2. 解压 tar -C /cphome/go -xzf go1.19.linux-amd64.tar.gz 
+3./cphome/go/go/bin/go
 
 
 

调试.md

@@ -0,0 +1,37 @@
+
+//编译可调试的centos
+docker run --rm \
+  -v "$PWD":/media/sf_SamWaf \
+  -w /media/sf_SamWaf \
+  -e CGO_ENABLED=1 \
+  -e GOPROXY=https://goproxy.cn,direct \
+  golang:1.19 \
+  go build -v \
+  -ldflags="-X SamWaf/global.GWAF_RELEASE=true -X SamWaf/global.GWAF_RELEASE_VERSION_NAME=20240531 -X SamWaf/global.GWAF_RELEASE_VERSION=v1.1.6 -extldflags \"-static\"" \
+  -o /media/sf_SamWaf/release/SamWafLinux64 \
+  main.go
+  
+启动调试:
+/root/go/bin/dlv \
+  --listen=:26667 \
+  --headless=true \
+  --api-version=2 \
+  --accept-multiclient \
+  exec ./SamWafLinux64
+  
+  
+  
+  
+  
+  
+//编译可调试的centos
+docker run --rm \
+  -v "$PWD":/media/sf_SamWaf \
+  -w /media/sf_SamWaf \
+  -e CGO_ENABLED=1 \
+  -e GOPROXY=https://goproxy.cn,direct \
+  golang:1.22.3 \
+  go build -v \
+  -ldflags="-X SamWaf/global.GWAF_RELEASE=true -X SamWaf/global.GWAF_RELEASE_VERSION_NAME=20240531 -X SamWaf/global.GWAF_RELEASE_VERSION=v1.1.6 -extldflags \"-static\"" \
+  -o /media/sf_SamWaf/release/SamWafLinux64 \
+  main.go